Extracted

• • Target

    9c87c565e2ae2d33c373d1e70fd1408b4b6d8407061b5ef3d747a174d49c1658

  • Size

    69KB

  • MD5

    ca6777fb22d0eb26b0a1e9ddbe622338

  • SHA1

    679bde2db2b0ae1275f87f861ff372521d93bd5f

  • SHA256

    9c87c565e2ae2d33c373d1e70fd1408b4b6d8407061b5ef3d747a174d49c1658

  • SHA512

    a11f98f3504202ed41222491113864d6d743b5b85ff7f76fdc046d64aaef0cf3bbb444eaad5140dcb2dadeb72f5aeb9356c14496c6f15a6b06771208a4de269d

  • SSDEEP

    1536:WcDFVkoE1c6iS8XATMhCxK3BiNein/GFZCeDAyY:W4Vkokc+mRfBiNFn/GFZC1yY

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2